Hapi Security Vulnerabilities

CVE-2014-10068

The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when showHidden is false.

CVE-2023-25166

formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.